jfarcand 2003/06/20 14:18:45
Modified: catalina/src/share/org/apache/catalina/core
StandardContext.java
Log:
Fix bugtraq 4880590 Container incorrectly processes invalid URL patterns in
jsp-property-groups.
This extends to non-jsp-property-group url-patterns as well as the catalina code
that handles the jsp url pattern mappings delegates to the code that handles the
servlet pattern mapping.
Consider the following url-pattern: /somepath/*.jsp
This is invalid but accepted and works within the server.
The Servlet specification states that a valid URL pattern for an extension
mapping
like the example above must be '*.jsp' with no additional path information.
Patch Submitted by: Ryan Lubke at sun.com
Revision Changes Path
1.66 +3 -7
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardContext.java
Index: StandardContext.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -r1.65 -r1.66
--- StandardContext.java 15 Jun 2003 13:10:40 -0000 1.65
+++ StandardContext.java 20 Jun 2003 21:18:45 -0000 1.66
@@ -1730,11 +1730,6 @@
servletName = "jsp";
}
- // Properly handle file that are considered to be a jsp.
- if (pattern.indexOf("*.") > 0){
- pattern = pattern.substring(pattern.lastIndexOf("*"));
- servletName = "jsp";
- }
if( findChild(servletName) != null) {
addServletMapping(pattern, servletName);
} else {
@@ -4736,7 +4731,8 @@
else
return (false);
}
- if (urlPattern.startsWith("/"))
+ if ( (urlPattern.startsWith("/")) &&
+ (urlPattern.indexOf("*.") < 0))
return (true);
else
return (false);
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
